(57) ABSTRACT

A biometric authentication system is provided which 
includes a dual input reader, the inputs consisting of stored 
physiological data of a user on a chip disposed on a smart 
card, and a fingerprint scan for comparison against the stored 
data. The system is self-contained so that the comparison of 
the biometric data with the data stored on the chip is done 
immediately on board the reader without relying upon 
communications to or from an external source in order to 
authenticate the user. The invention also prevents commu- 
nication with external sources prior to user authentication 
being confirmed, so as to prevent user data from being stolen 
or corrupted. Alternatively, the biometric input can consist 
of a retina scan, voice identification, saliva or other biomet- 
ric data. 

14 Claims, 2 Drawing Sheets 
BIOMETRIC AUTHENTICATION SYSTEM

CROSS REFERENCE TO RELATED APPLICATIONS

This application is related to and claims the benefit of U.S. provisional Application No. 60/092,196 filed Jul. 9, 1998.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to apparatus and systems which input one or a plurality of a person's physical characteristics for comparison with stored data to authenticate the identity of an individual.

2. Description of the Prior Art

Apparatus are known which use biometrics for security procedures identification, access control, and such apparatus are disclosed in the following patents:

U.S. Pat. No. 4,821,118 to Lafreniere discloses a video image system for personal identification consisting of observing a unique part of the person's anatomy along with the person's ID card and appearance and storing images of those observations for review and comparison with other records.

U.S. Pat. No. 4,993,068 to Piosenka et al. discloses an unforgeable personal identification system consisting of a portable memory device (credit card size) on which are stored identification credentials such as facial photo, retina scan, voice and fingerprints. At a remote access control site, the user presents the portable memory device and the encrypted identification credentials and then submits physically to inputting the physical identification characteristics, e.g. fingerprints, whereby comparisons performed to determine whether to allow or deny access to a remote site.

U.S. Pat. No. 5,594,806 to Colbert discloses a knuckle profile identification system in which a user inserts an ID card to retrieve the template from the card of his knuckle profile for comparison against the actual knuckle profile.

U.S. Pat. No. 5,680,205 to Borza discloses a fingerprint imaging apparatus with auxiliary lens.

U.S. Pat. No. 5,717,776 to Watanebe discloses a certification card producing apparatus and certification card consisting of an input for an identification number of an old identification card, including a retina image of an owner, and an eyesight test means for judging whether the owner is genuine by collating the old retina image and the present retina image supplied.

U.S. Pat. No. 5,787,186 to Schroeder discloses a biometric security process for authenticating identity and credit cards, visas, passports and facial recognition, consisting of an identity card where pre-printed colored ink filigrees and the face images have been transferred by a procedure onto the card. The holder of the card is then scanned or videoed. The facial image can then be transmitted on conventional telecommunication lines to a remote computer which reconstructs the initial face image.

U.S. Pat. No. 5,793,881 to Stiver et al. discloses an identification system consisting of a detection object which is grasped by a hand for detecting characteristics of the hand and comparing the unique characteristics of those previously recorded and stored in memory. The object can be a handle at a secure facility or even a weapon.

In many of the known security systems, a user must correctly enter both an assigned user ID number and a password. This is frustrating for both users and systems support personnel. There is also an increase in total costs of [...] maintenance [...] companies employing such systems permit the user identification number to the last user logged onto a particular personal computer (PC) to be a default entry in the user ID entry field. This is the default configuration setting which, for example, the Windows 98 and Windows NT install in such systems. This is a major security breach of such systems. In addition, the user must remember both his ID and password and in many instances, the user has a plurality of ID's and passwords for different systems. For example, a distinct ID number and password are used for network access, for data base access, for E-mail, for main frames, etc. Keying in all this data provides for an increased opportunity for another individual to observe the passwords being entered to breach the system. In addition, "hackers" can "sniff" a network wire and capture un-encrypted passwords. In more sophisticated theft situations, "trojan horse" type viruses can be used to capture a user ID number and password that have been entered. That is, the user thinks he is logging on as usual, but the dialogue he is entering this information into is really a look-alike type log on screen that is capturing his key strokes.

The foregoing description of some of the known systems shows the weakness and vulnerability such systems have to being corrupted and compromised.

Among other systems, some of which are disclosed in the patents discussed above, a user may provide a biometric finger print to a reader device to be compared against data [...] a scanned image of the finger that was placed on the scanner [...] and verified to be a match. If there is a match, the log on process will proceed as normal with the validation of the user ID and password. However, the information is still being communicated to a server and therefore, the potential for compromising system security is increased, as was discussed above. Since these readers provide no first level authentication prior to sending any data out over the wire whether to the locally connected PC or over the LAN (local area network), there is an increased potential for security risk to the system.

The systems described above are "polling-type systems". The known systems continuously monitor card readers that are attached to the particular PC to see if an identity card has been inserted. The constant querying of the readers requires a lot of computer and mechanical support of the host PC. This in turn requires a significant amount of PC central processing unit (CPU) time and physical memory in order for the system to function. In today's corporate world, a server PC that communicates with tens or perhaps hundreds of readers, requires a significant overhead, which is why
systems available now use a dedicated PC for these functions. In other words, a desk top PC which has one reader attached will lose a lot of valuable CPU cycles and memory while continually asking or polling the reader if a card is inserted.

However, the apparatus and systems disclosed above call for comparing input data for identification against a multiplicity of data from perhaps as many as millions of individuals. The systems above also transceive information, whether by wire or wirelessly, to remote locations which permits unauthorized access to or theft of the information that is transmitted or received.

For example, a criminal (hacker) could try to defeat or compromise an ID card in much the same way as described in the "trojan horse" example. That is, a fake component is not the log on screen but the reader itself. A criminal could install a "look-alike" reader as an ATM for example. A cardholder then inserts his card into this fake reader. If communication were allowed to the reader prior to authentication, the hacker could then attempt to read from or "pull" information from the card, such as in this example, the card holder's fingerprint template, this live scan of their fingerprint, their bank account(s) numbers, as well as all other confidential information on the card. Additionally, the hacker could infect the card with a virus that would then be propagated to other systems the cardholder would later access.

In contrast, the present invention provides for an open, stand-alone system which does not waste valuable PC memory and CPU cycles and does not communicate with external sources so as to prevent theft of user's information.

It would therefore be desirable to have an authentication system and apparatus which only initiates a one-to-one comparison with biometrics of a single user against stored data on an identification card, so that the system is not required to review information from a multiplicity of other persons and be vulnerable to theft.

It is also desirable to have an authentication apparatus and system that does not require communication with a remote location or external source, whether transmitted by wire or wirelessly, to authenticate the individual or the identity.

It is also desirable to have a reader for the system as a stand-alone component where no communications are permitted into or out of the reader until a positive authentication occurs. This greatly enhances the security of the system and network from unauthorized access.

OBJECTS AND SUMMARY OF THE INVENTION

It is an object of the present invention to provide a biometric authentication apparatus and system, each of which can be integrated into existing software systems, such as Microsoft Windows NT.

It is an object of the present invention to provide an authentication system which is stand-alone and is designed to authenticate an individual by comparing a biometric characteristic of the individual with data stored on a storage medium such as a smart card.

It is another object of the present invention to provide an authentication system which is self-contained, thereby preventing the necessity for communication with a remote location.

It is another object of the present invention to provide an authentication system which prevents "hacking" or other unauthorized access to the authentication process and data.

It is another object of the present invention to provide an authentication system which compares stored biometric data with a biometric characteristic of a user in a portable, stand-alone unit.

The smart access system of the present invention as disclosed is a biometric-based personal authentication system, in particular, a dual input authentication system, wherein one of the inputs is biometrically-based, while the other input is biometric data on a template for a computer chip stored on a smart card.

Another embodiment of the invention includes three inputs to authenticate a user, i.e. stored biometric data, stored identification data, and a sensed biometric feature.

Another feature of the invention is that it is self-contained, portable, and in that regard, does not rely on communications with a remote location for authentication to be implemented.

The invention provides a biometrics apparatus to authenticate [...] stand-alone unit and can be hand-held. Wireless operation to a remote database is avoided because this would permit unauthorized users to hack or sniff data transmitted between the apparatus and the remote database. The hand-held unit or wall mounted unit has a port into which a user inserts his smart card, such as a MAC-like card having the necessary cross-referencing data stored thereon. The individual then touches a platen to disclose a fingerprint to the device. The fingerprint is extracted and sensed, and if it corresponds with the data on the card, authentication of the individual is confirmed. Alternatively, retina scan, voice identification, saliva, DNA, or other biometrics may be used instead of the fingerprint.

The invention is a biometrics authentication device which is preferably portable, hand-held and stand-alone, not relying upon a remote database and requires a plurality of inputs in order to authenticate the user. Application would be in the security system industry, Internet security, and is applicable anywhere authentication is required. For example, the device could be connected to a computer of a purchaser to authenticate same to a seller before the seller on the Internet releases the product for service.

BRIEF DESCRIPTION OF THE DRAWINGS

Other important objects and features of the invention will be apparent from the following Detailed Description of the Invention taken in connection with the accompanying drawings, of which:

FIG. 1 discloses a smart card and reader of a biometric authentication system according to the present invention; and

FIG. 2 discloses a diagram of the biometric authentication system of the present invention used, for example, in a security situation.

DETAILED DESCRIPTION OF THE INVENTION

Referring to FIG. 1, there is shown generally at 10 a reader 12 for a "smart card" 14 used in a biometric authentication system (FIG. 2) according to the present invention. The "smart card" 14 is any one of a number of cards which meet certain electronic and storage data capacity requirements as required by the following standard: ISO 7816 series, part 1-10 for contact smart cards, and ISO 14443 for contactless cards. The smart card is a credit card sized plastic card with an embedded computer chip. The chip can either
be a microprocessor with internal memory, or a memory chip with non-programmable logic. The chip connection is either via direct physical contact or remotely via contactless electromagnetic interface. A contactless system requires antennas and is therefore, a less reliable system.

The reader 12 is a self contained stand-alone unit, which can be of any size. Preferably, the reader 12 is sized and shaped for a hand held operation. The reader 12 includes a fingerprint scanner platen 16 wired to internal circuitry (not shown) of the reader 12. The platen 16 is actually an exterior surface of a semi-conductor chip 17 constructed to extract biometric data, such as a fingerprint and scan the data as well. The chip 17 is preferably a silicone chip. A comparison means (chip) 19 includes a control means (chip) and is connected to the chip 17. The comparison chip compares the data and biometric features of the user. The control chip controls communications at the reader so that information about the user is not released to an external source before user authentication is confirmed. Similarly, the control chip prevents incoming signals or data transmissions from reaching the reader 12 before user authentication is confirmed. An input 18 is provided in the reader 12 into which the smart card 14 is removably inserted.

The smart card 14 is of the size and shape of a credit card and includes a chip 20 having a select amount of memory therein. The smart card 14 can include other chips (not shown), as well as other data corresponding to the user.

The chip 20, by way of example, includes 128 BYTES of memory, shown generally at 22. Of this total chip memory 22, 1 to 3 BYTES shown generally at 24 can be used for system operation. User information 26 can be stored in the chip memory 22. The user information 26 can include, for example, 4 to 100 BYTES of memory which are broken [...] fingerprint [...] 28 can consist of 4 to 50 BYTES of memory, while identification data 30 representing the user can require 51 to 75 BYTES of memory. The remaining memory 32 can be for other system operations. It is understood that this description of the memory for the chip is for example purposes only and is not a required [...]

The self-contained, stand-alone features of these elements 10 according to the present invention are ideally suited for authenticating an individual carrying the smart card 14. For example, the smart card 14 could operate as a driver's license having the chip 20 with memory 22 therein. A police officer selecting an individual for discussion could seek authentication of the individual prior to such discussion. The police officer would carry the reader 12 requesting the user to put his smart card 14 in the input 18 of the reader 12. The user then places his finger on the fingerprint scanner 16, which is the silicone chip 17, for comparison with the fingerprint data stored in the chip memory 22 to determine whether the person carrying the card is the same person as that whose finger is resting on the scanner 16. If authentication is confirmed to be positive, a visual indicator 34 will light. Authentication is done at the scene, on board the reader 12, not at a remote location. If it is determined that the data at the fingerprint scanner 16 does not correspond to that which is stored in the chip memory 22, an indicator 36 will be lit. Other visual indicators may also be used to indicate transmissions and receptions of data, after authentication of the user is positively confirmed. Alternatively, an audible indicator can be used in conjunction with the visual indicators 34, 36.

The comparison of the fingerprint scanned at the scanner 16 with the data on the chip 20 of the smart card 14 is done immediately on board the reader 12. There is no communication, whether by wire or wirelessly, to or from a remote location central processing unit (CPU) or any other device for authentication. No information is permitted into the reader during the comparison step. This obviates the need for encumbering the on-site authentication with unnecessary data [...] the CPU and prevents hacking or sniffing of the information being compared.

Referring also to FIG. 2, the elements 10 are shown in a biometric authentication system 40 of the present invention. In FIG. 2, the present system 40 is shown used in a security access environment. The system 40 can be used in other environments as well.

The system 40 includes the reader 12, which as discussed above, scans the user's fingerprint and compares it against the stored template of the same print on the smart card 14. The smart card 14 includes on-board the micro computer chip 20 to allow for downloading of PC data and applications. The smart card 14 is removably inserted in the reader 12 which is connected to a magnetic strike lock 42 of a security access door 44. Although one access door 44 is shown for the system 40, it is understood that there can be a multiplicity of doors controlled and monitored by the system. A gateway 46 is in communication with the [...] information to a PC 48. [...] mechanisms (hardware) can be used to route the data through the system 40. The PC-server can operate, for example, either Windows 98 or Windows NT. An uninterrupted supply (UPS) 50 is connected to the PC 48 and the gateway 46 to provide complete backup power and surge suppressor capability. The UPS 50 can communicate with the system PC 48 to signal changes in the power environment so that the end users and support personnel can be alerted to such power changes.

The broken line 52 represents a cabinet which can be used to [...] the gateway 46, the PC 48 and the UPS 50. The cabinet 52 can itself be locked to [...] unauthorized access thereto.

In operation, referring to FIG. 2, a user attempts to gain access through the door 44 by inserting their card 14 into the reader 12 so that the stored template of their fingerprint can be read from the card 14 for the authentication process. The user then places his or her finger on the fingerprint scanner 16. The reader 12 then scans the actual fingerprint and then compares the image of the finger obtained with that of the stored data for the fingerprint template in the chip memory 22. If the fingerprint scanned matches the data in the chip memory 22, then and only then will the user's information and identification be sent to the gateway 46 for transmission to the PC 48 to determine if the user is permitted to enter through the access door and gain entry. Similarly, no communication into the reader 12 is permitted before the user is actually authenticated. The reader 12 can be mounted on the door 44 or on a wall adjacent to the door. It is important to note that authentication is done at the reader 12, not at the gateway 46 or the PC 48. Authentication at the PC 48 via the gateway 46 exposes the system to a security breach because it permits unauthorized hacking or sniffing of the data that is transmitted. Therefore, the system provides an immediate on-board and on-site authentication of the user before any data corresponding to the user is transmitted to a remote location for entry through the door 44 or access to other areas. In addition, until authentication of the user is actually confirmed, no communications are received at the reader 12. This further prevents the opportunity for those unauthorized to access information about the user or obtain the stored data.
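
The gating described above (no data into or out of the reader 12 until the on-board comparison succeeds) can be modelled as a small state machine. The following C sketch is an added example, not part of the patent; the byte offsets follow one reading of the example memory figures above (positions 1-3, 4-50 and 51-75 of 128), and the bit-difference matcher, its threshold, the sample card and all function names are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout of the 128-byte card memory (positions are 1-based in the
 * text, 0-based here). The patent gives these figures as an example only. */
enum {
    CARD_SIZE = 128,
    TPL_OFF = 3,  TPL_LEN = 47,   /* positions 4-50: fingerprint template  */
    ID_OFF  = 50, ID_LEN  = 25,   /* positions 51-75: identification data */
    MAX_BIT_ERRORS = 16           /* hypothetical match threshold          */
};

typedef enum { ST_IDLE, ST_CARD_PRESENT, ST_AUTHENTICATED } reader_state;

typedef struct {
    reader_state state;
    uint8_t card[CARD_SIZE];      /* card image held only inside the reader */
    unsigned dropped_rx;          /* inbound frames refused before auth     */
} reader;

/* Removing the card wipes the copy and drops back to the locked state. */
void reader_remove_card(reader *r) {
    volatile uint8_t *p = r->card;
    for (size_t i = 0; i < CARD_SIZE; i++) p[i] = 0;
    r->state = ST_IDLE;
}

void reader_init(reader *r) {
    r->dropped_rx = 0;
    reader_remove_card(r);
}

/* A new card always starts unauthenticated, whatever came before it. */
int reader_insert_card(reader *r, const uint8_t *image, size_t len) {
    reader_remove_card(r);
    if (image == NULL || len != CARD_SIZE) return -1;
    memcpy(r->card, image, CARD_SIZE);
    r->state = ST_CARD_PRESENT;
    return 0;
}

/* Stand-in matcher: number of differing bits between two templates. Real
 * fingerprint matching compares extracted features, not raw bytes. */
static unsigned bit_errors(const uint8_t *a, const uint8_t *b, size_t n) {
    unsigned errs = 0;
    for (size_t i = 0; i < n; i++)
        for (uint8_t x = (uint8_t)(a[i] ^ b[i]); x != 0; x >>= 1) errs += x & 1u;
    return errs;
}

/* One-to-one comparison on board the reader. Returns 1 on a match. Any
 * failed scan leaves (or puts) the reader in the unauthenticated state. */
int reader_scan(reader *r, const uint8_t *live, size_t len) {
    if (r->state == ST_IDLE) return 0;
    r->state = ST_CARD_PRESENT;
    if (live == NULL || len != TPL_LEN) return 0;
    if (bit_errors(r->card + TPL_OFF, live, TPL_LEN) > MAX_BIT_ERRORS) return 0;
    r->state = ST_AUTHENTICATED;
    return 1;
}

/* Inbound path: the control chip refuses every frame until authentication. */
int reader_rx(reader *r, const uint8_t *frame, size_t len) {
    (void)frame;
    if (r->state != ST_AUTHENTICATED) { r->dropped_rx++; return -1; }
    return (int)len;
}

/* Outbound path: nothing leaves before authentication. This sketch goes one
 * step further than the text and never sends the template itself. */
int reader_tx(const reader *r, uint8_t *out, size_t cap) {
    if (r->state != ST_AUTHENTICATED || out == NULL || cap < ID_LEN) return -1;
    memcpy(out, r->card + ID_OFF, ID_LEN);
    return ID_LEN;
}

/* Constructed sample card: patterned template plus a made-up identifier. */
void make_sample_card(uint8_t *img) {
    memset(img, 0, CARD_SIZE);
    for (size_t i = 0; i < TPL_LEN; i++) img[TPL_OFF + i] = (uint8_t)(i * 37u + 11u);
    memcpy(img + ID_OFF, "USER-0042", 9);
}

int main(void) {
    reader r;
    uint8_t card[CARD_SIZE], live[TPL_LEN], out[ID_LEN];
    make_sample_card(card);
    reader_init(&r);
    reader_insert_card(&r, card, sizeof card);
    printf("tx before scan: %d\n", reader_tx(&r, out, sizeof out));
    memcpy(live, card + TPL_OFF, TPL_LEN);
    live[0] ^= 0x01;                      /* small sensor noise: one bit */
    printf("scan: %d\n", reader_scan(&r, live, sizeof live));
    printf("tx after scan: %d\n", reader_tx(&r, out, sizeof out));
    return 0;
}
```

Because every path into `reader_rx` and `reader_tx` checks the same state variable, a look-alike host or a sniffer on the line to the gateway 46 sees no card data unless the live scan has already matched on the reader.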
Once the user is authenticated as discussed above, the user
information which is encrypted on the card 14 is transmitted 
to a domain controller 54. The controller 54 receives this 
information and determines if the user has the necessary 
clearance on a network for the system 40 to gain entry
through the door 44 that is connected to the reader 12. Many 
different rules can be applied to a particular user that can be 
checked and verified once the data is received by controller 
54. For example, user profiles can be configured so that 
certain people can only enter on certain days at certain times
through this particular door 44, or other doors or objects as 
the situation requires. 

The data from the reader 12 is then transmitted to the 
gateway 46 and then forwarded to the appropriate computer. 
Since most PC's, such as the PC 48 of the present system 40,
have only two communication ports and, it is possible that 
a plurality perhaps hundreds of doors in a building have to 
be connected to this system 40, the gateway 46 is needed to 
monitor these connections and pass the data through to the 
PC 48 once data is received from any one of the doors, such
as the door 44. The gateway 46 obviates the need for the PC 
48 to have a communication port for each one of the doors 
in the system 40. An inbound connector 56, and an
out-bound RS232 cable 58 are shown connecting the gate-
way 46 with the PC 48.

Data received at the gateway 46 is routed to the in-bound 
cable 46 of the PC 48. 

Once the data is received at the PC 48 that is operating the 
system 40, system rules are checked, evaluated, and based 
upon the status of the rule (either true or false), a determi-
nation is made which processing will then take place. There 
are a number of different rules that may, or may not be 
checked and acted upon. This all depends on the system and 
the requirements of the user to access or be denied access to
certain spaces in the facility. Once the user is authenticated
as discussed above, the system 40 either allows or denies 
access to the door 44 or whatever other object is to be acted 
upon. Other rules can be acted upon, such as simply logging 
on, logging off, accounts being disabled, monitored, etc. At 
this stage in the system 40, activity can also be set up as
"alerts" so that if a particular condition exists with respect to 
the rules, notification of support and management personnel 
can be automatically actuated to alert such personnel of the 
particular event occurring. 

Once the data has been processed and it is determined that 
user access is authorized, or that user access is not autho- 
rized to the door 44 based on one or more of the answers to 
the rules testing, the accessed "authorized" or "denied" 
response is transmitted from the PC 48 through the out- 
bound RS232 cable 58 to the gateway 46. 

The RS cables 56, 58 are referred to by example only. 
Other cable constructions can be used. 

The data received at the gateway 46 from the PC 48 in the 
previous step is transmitted to the specific reader 12/door 44.
The gateway 46 determines from which reader 12 the 
request originated and for which an answer is now available 
and must be transmitted. Since there could be hundreds of 
doors connected to the gateway 46, it is important that the 
gateway 46 undertake this step of the system process.

The gateway 46 then automatically transmits the door 
44/reader 12 request through the correct port and transmis-
sion line 60. The data is then on its way back to the
respective reader 12/door 44 which upon arrival will either
grant or deny the user access to the door 44.

The data response is then received at the reader 12, and 
thereafter, the user will hear either the unlocking noise thus
permitting the user access through the door 44, or "access
denied" message on an LCD or visual indicator read out of 
the reader 12. Access by the user could be denied for a 
plurality of reasons based upon the rules that are encoded 
with the PC 48 of the system 40. In addition, a record of this 
and all activity with respect to the user and his or her trying 
to obtain access to this door 44 and other sites will be 
recorded and logged for print out and archive capability at 
the system PC 48. 

The UPS 50 is connected to the PC 48 as shown by the 
dotted line 60, and into the gateway 46 by the dotted line 62. 
The UPS 50 provides, for example, automatic voltage 
regulation, built-in network card/modem surge protection
and battery management to extend battery life and increase 
run time and line interaction. 

The present invention will provide many advantages and 
applicability for personal and commercial use. For example, 
the elements 10 in system 40 can be used with the television 
(TV), thereby restricting viewing of the television based 
upon: time of day, channel selection, viewer age, and 
pay-per-view shows. The present system would replace the 
ATM card for banking use, thereby authenticating the user 
at the ATM machine before any data, transmission or bank- 
ing activity occurs. With respect to automobiles, the ele- 
ments 10 or the system 40 can provide for a contactless
reader 12 installed at the exterior of the car to unlock the car 
and in addition, a similar system can be also mounted to the 
dash board to control use of the steering wheel. At the 
doctor's office, you would present your card 14 into the
reader 12 to automatically verify you are the individual who 
is to be seen by the physician and to verify insurance or other 
medical information necessary for a medical procedure or 
office visit to continue. Charges, such as co-payments can 
also be monitored and authenticated. 

The present invention will enable a company to discon- 
tinue use of the conventional employee identification card, 
security card system, health benefits and prescription plan 
cards and the need to distribute metal keys that can be lost, 
duplicated or stolen. In the present invention, even if the 
user's card 14 is stolen, there is no way for another to use 
the card because the fingerprint of the other individual 
would not match the data stored on the chip 20 of the card. 

There are a multiplicity of ways in which the elements 10 
in system 40 of the present invention can be employed. 

The present invention is designed to be compatible with 
Windows 95/98 and NT 4.0/5.0, as well as other operating
systems. 

Modifications of the foregoing may be made without 
departing from the spirit and scope of the invention. What is 
desired to be protected by Letters Patent is set forth in the 
appended claims. 

What is claimed is: 

1. A biometric authentication apparatus, comprising: 
a smart card having: 

a computer chip storing data corresponding to a bio- 
metric feature of a card user, the smartcard adapted 
for providing the biometric feature data for compari- 
son to the biometric feature of the card user, 
a non-biometric identifier corresponding to the card 
user; and 
a portable reader having: 

a housing, the housing having an inlet constructed and 
arranged for releasably receiving the smart card at 
the housing, 

a biometric scanner mounted to the housing and acces- 
sible to the biometric feature of the card user, 
a central processing unit (CPU) mounted to the
housing, the CPU adapted for comparing at the 
portable reader the biometric feature at the scanner 
with the biometric feature data stored on the com- 
puter chip of the smart card for generating a first
comparison signal representing the authentication 
status of the card user, and for providing a second 
comparison when the first comparison signal indi- 
cates positive authentication of the user, the second 
comparison between the non-biometric identifier of
the smart card and other user data stored remote from 
the smart card to further determine authentication 
status of the user and generate a second comparison 
signal; 

a control chip associated with the CPU at the portable
reader, the control chip preventing communication 
with the authentication apparatus until positive 
authentication of the user is complete; and 
an indicator assembly adapted for receiving the first and
second comparison signals generated to indicate the
authentication status of the card user.

2. A method of authenticating a user, the method com- 
prising the steps of: 

storing biometric data of the user on a storage means; 

sensing a biometric feature of the user at a sensing means;

comparing the biometric feature of the user sensed with 
the biometric data stored; 

determining whether the biometric data stored is repre- 
sentative of the biometric feature sensed;

wherein the step of storing biometric data further com- 
prises the steps of: 

storing personal identifying data of the user other than
the biometric data of the user on the storage means,
storing other personal identifying data of the user other
than biometric data of the user remote from the
storage means, and
comparing the personal identifying data on the storage
means with the other personal identifying data
remote from the storage means;
controlling information about the biometric data and 
biometric feature of the user to be restricted from 
external communications until the determining step 
positively authenticates the user; 
indicating a result of the determining step to indicate 
authentication status of a user. 

3. An authentication apparatus, comprising:

storage means for storing data corresponding to a biometric
feature of a user;

sensor means separate and discrete from the storage
means for sensing the biometric feature of a user;

reader means for reading the biometric feature sensed and
being in communication with the storage means and the
sensor means;

comparison means associated with the reader means for
comparing the biometric feature sensed with the storage
means data of the biometric feature for determining
at the reader means authentication status of the user and
generating a signal of said status;

control means associated with the comparison means at
the reader means, the control means adapted for receiving
the authentication status signal and controlling
communication with the authentication apparatus to be
restricted until said status signal indicates positive
authentication of the user; and

indicator means connected to the comparison means for
receiving the status signal generated to indicate the
status of user authentication.

4. An authentication apparatus, comprising:

storage means for storing biometric data of a user; and

reader means for reading a biometric feature of a user, the
reader means coacting with the storage means for
reading the biometric data at the reader means and
generating a signal representing a result of a comparison
of the biometric data with the biometric feature of
the user to determine authentication status of the user;
and

control means in communication with the reader means
for controlling access to the biometric data and the
biometric feature of the user to be restricted to the reader
means until positive authentication of the user.

5. The authentication apparatus according to claim 4, 
wherein the control means restricts access to the biometric 
data and the biometric feature of the user to the reader 
means. 

6. The authentication apparatus according to claim 4, 
wherein the storage means comprises: 

a plastic card with a computer chip having a central 
processing unit (CPU) embedded therein, the chip 
storing the biometric data of the user. 

7. The authentication apparatus according to claim 6, 
wherein the plastic card is a smart card. 

8. The authentication apparatus according to claim 4, 
wherein the reader means comprises: 

a silicon chip mounted to the reader means, the silicon 
chip having a surface area accessible to the user at an 
exterior of the reader means for receiving the biometric 
feature of the user. 

9. The authentication apparatus according to claim 4, 
wherein the reader means comprises: 

an optical scanner. 

10. The authentication apparatus according to claim 4, 
wherein the reader means comprises: 

an inlet constructed and arranged to releasably receive the 
storage means. 

11. The authentication apparatus according to claim 4, 
further comprising: 

indicator means connected to the reader means for indicating
status of user identification resulting from the
comparison by the reader means.

12. The authentication apparatus according to claim 11, 
wherein the indicator means is selected from the group 
consisting of visual indicators, audible indicators, or a 
combination thereof. 

13. The authentication apparatus according to claim 4, 
further comprising: 

identifier means stored on the storage means, the identifier 
means corresponding to personal identifying data of the 
user other than biometric features of the user; 

wherein the reader means is adapted to compare the 
personal identifying data of the identifier means with 
the biometric feature data of the user and the biometric 
feature sensed of the user. 

14. The authentication apparatus according to claim 4, 
wherein the biometric feature is selected from a group 
consisting of a fingerprint, saliva, retina scan, and voice
scan. 
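
The two-stage flow recited in claims 1 and 2, sketched as an added example that is not part of the patent: an on-board biometric comparison, a control gate that keeps the external link closed until that comparison is positive, then a second comparison of the card's non-biometric identifier against remotely stored data. The set-overlap matcher, the 0.8 threshold, the field names and the sample card and remote store are all assumptions made for illustration, as is the reading that the gate opens once the first comparison passes.

```python
import hmac
from enum import Enum

class Status(Enum):
    LOCKED = 0          # no positive biometric match yet
    BIOMETRIC_OK = 1    # first comparison signal positive
    AUTHENTICATED = 2   # second comparison signal positive as well

class CommBlocked(Exception):
    """External communication attempted before a positive biometric match."""

# Constructed sample data: a card template of ten feature labels and a remote store.
CARD = {"template": frozenset(f"m{i}" for i in range(10)),
        "account": "alice", "identifier": "ID-0001"}
REMOTE = {"alice": "ID-0001"}

class Reader:
    def __init__(self, card, remote_lookup, threshold=0.8):
        self.card = card                    # data read from the card's chip
        self.remote_lookup = remote_lookup  # hypothetical link to the remote store
        self.threshold = threshold          # assumed match threshold
        self.status = Status.LOCKED
        self.remote_calls = 0

    def send_external(self, account):
        # Control-chip role: the link stays closed while the reader is locked.
        if self.status is Status.LOCKED:
            raise CommBlocked("link disabled until biometric match")
        self.remote_calls += 1
        return self.remote_lookup(account)

    def authenticate(self, scanned):
        # First comparison, entirely on the reader: scan vs. template on the card.
        # Jaccard overlap is a toy stand-in for a real fingerprint matcher.
        template = self.card["template"]
        union = template | scanned
        score = len(template & scanned) / len(union) if union else 0.0
        if score < self.threshold:
            self.status = Status.LOCKED     # a failed scan re-locks the reader
            return self.status
        self.status = Status.BIOMETRIC_OK
        # Second comparison: card identifier vs. data held remote from the card.
        # Only the account name leaves the reader, never the template or scan.
        expected = self.send_external(self.card["account"])
        if expected is not None and hmac.compare_digest(expected, self.card["identifier"]):
            self.status = Status.AUTHENTICATED
        return self.status
```

A failed first comparison leaves `remote_calls` at zero, which is the property to check when testing a reader of this kind: no traffic on the external link without a local match.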
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